10 |
10 |
11 (*Note: s2 instead of s1 in last argument type!*) |
11 (*Note: s2 instead of s1 in last argument type!*) |
12 definition corresp_ex_simC :: |
12 definition corresp_ex_simC :: |
13 "('a, 's2) ioa \<Rightarrow> ('s1 \<times> 's2) set \<Rightarrow> ('a, 's1) pairs \<rightarrow> ('s2 \<Rightarrow> ('a, 's2) pairs)" |
13 "('a, 's2) ioa \<Rightarrow> ('s1 \<times> 's2) set \<Rightarrow> ('a, 's1) pairs \<rightarrow> ('s2 \<Rightarrow> ('a, 's2) pairs)" |
14 where "corresp_ex_simC A R = |
14 where "corresp_ex_simC A R = |
15 (fix $ (LAM h ex. (\<lambda>s. case ex of |
15 (fix \<cdot> (LAM h ex. (\<lambda>s. case ex of |
16 nil \<Rightarrow> nil |
16 nil \<Rightarrow> nil |
17 | x ## xs \<Rightarrow> |
17 | x ## xs \<Rightarrow> |
18 (flift1 |
18 (flift1 |
19 (\<lambda>pr. |
19 (\<lambda>pr. |
20 let |
20 let |
21 a = fst pr; |
21 a = fst pr; |
22 t = snd pr; |
22 t = snd pr; |
23 T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
23 T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
24 in (SOME cex. move A cex s a T') @@ ((h $ xs) T')) $ x))))" |
24 in (SOME cex. move A cex s a T') @@ ((h \<cdot> xs) T')) \<cdot> x))))" |
25 |
25 |
26 definition corresp_ex_sim :: |
26 definition corresp_ex_sim :: |
27 "('a, 's2) ioa \<Rightarrow> ('s1 \<times> 's2) set \<Rightarrow> ('a, 's1) execution \<Rightarrow> ('a, 's2) execution" |
27 "('a, 's2) ioa \<Rightarrow> ('s1 \<times> 's2) set \<Rightarrow> ('a, 's1) execution \<Rightarrow> ('a, 's2) execution" |
28 where "corresp_ex_sim A R ex \<equiv> |
28 where "corresp_ex_sim A R ex \<equiv> |
29 let S' = SOME s'. (fst ex, s') \<in> R \<and> s' \<in> starts_of A |
29 let S' = SOME s'. (fst ex, s') \<in> R \<and> s' \<in> starts_of A |
30 in (S', (corresp_ex_simC A R $ (snd ex)) S')" |
30 in (S', (corresp_ex_simC A R \<cdot> (snd ex)) S')" |
31 |
31 |
32 |
32 |
33 subsection \<open>\<open>corresp_ex_sim\<close>\<close> |
33 subsection \<open>\<open>corresp_ex_sim\<close>\<close> |
34 |
34 |
35 lemma corresp_ex_simC_unfold: |
35 lemma corresp_ex_simC_unfold: |
41 (\<lambda>pr. |
41 (\<lambda>pr. |
42 let |
42 let |
43 a = fst pr; |
43 a = fst pr; |
44 t = snd pr; |
44 t = snd pr; |
45 T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
45 T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
46 in (SOME cex. move A cex s a T') @@ ((corresp_ex_simC A R $ xs) T')) $ x)))" |
46 in (SOME cex. move A cex s a T') @@ ((corresp_ex_simC A R \<cdot> xs) T')) \<cdot> x)))" |
47 apply (rule trans) |
47 apply (rule trans) |
48 apply (rule fix_eq2) |
48 apply (rule fix_eq2) |
49 apply (simp only: corresp_ex_simC_def) |
49 apply (simp only: corresp_ex_simC_def) |
50 apply (rule beta_cfun) |
50 apply (rule beta_cfun) |
51 apply (simp add: flift1_def) |
51 apply (simp add: flift1_def) |
52 done |
52 done |
53 |
53 |
54 lemma corresp_ex_simC_UU [simp]: "(corresp_ex_simC A R $ UU) s = UU" |
54 lemma corresp_ex_simC_UU [simp]: "(corresp_ex_simC A R \<cdot> UU) s = UU" |
55 apply (subst corresp_ex_simC_unfold) |
55 apply (subst corresp_ex_simC_unfold) |
56 apply simp |
56 apply simp |
57 done |
57 done |
58 |
58 |
59 lemma corresp_ex_simC_nil [simp]: "(corresp_ex_simC A R $ nil) s = nil" |
59 lemma corresp_ex_simC_nil [simp]: "(corresp_ex_simC A R \<cdot> nil) s = nil" |
60 apply (subst corresp_ex_simC_unfold) |
60 apply (subst corresp_ex_simC_unfold) |
61 apply simp |
61 apply simp |
62 done |
62 done |
63 |
63 |
64 lemma corresp_ex_simC_cons [simp]: |
64 lemma corresp_ex_simC_cons [simp]: |
65 "(corresp_ex_simC A R $ ((a, t) \<leadsto> xs)) s = |
65 "(corresp_ex_simC A R \<cdot> ((a, t) \<leadsto> xs)) s = |
66 (let T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
66 (let T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s a t' |
67 in (SOME cex. move A cex s a T') @@ ((corresp_ex_simC A R $ xs) T'))" |
67 in (SOME cex. move A cex s a T') @@ ((corresp_ex_simC A R \<cdot> xs) T'))" |
68 apply (rule trans) |
68 apply (rule trans) |
69 apply (subst corresp_ex_simC_unfold) |
69 apply (subst corresp_ex_simC_unfold) |
70 apply (simp add: Consq_def flift1_def) |
70 apply (simp add: Consq_def flift1_def) |
71 apply simp |
71 apply simp |
72 done |
72 done |
132 done |
132 done |
133 |
133 |
134 lemma move_subprop4_sim: |
134 lemma move_subprop4_sim: |
135 "is_simulation R C A \<Longrightarrow> reachable C s \<Longrightarrow> s \<midarrow>a\<midarrow>C\<rightarrow> t \<Longrightarrow> (s, s') \<in> R \<Longrightarrow> |
135 "is_simulation R C A \<Longrightarrow> reachable C s \<Longrightarrow> s \<midarrow>a\<midarrow>C\<rightarrow> t \<Longrightarrow> (s, s') \<in> R \<Longrightarrow> |
136 let T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s' a t' |
136 let T' = SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s' a t' |
137 in mk_trace A $ (SOME x. move A x s' a T') = (if a \<in> ext A then a \<leadsto> nil else nil)" |
137 in mk_trace A \<cdot> (SOME x. move A x s' a T') = (if a \<in> ext A then a \<leadsto> nil else nil)" |
138 apply (cut_tac move_is_move_sim) |
138 apply (cut_tac move_is_move_sim) |
139 defer |
139 defer |
140 apply assumption+ |
140 apply assumption+ |
141 apply (simp add: move_def) |
141 apply (simp add: move_def) |
142 done |
142 done |
159 text \<open>Lemma 1: Traces coincide\<close> |
159 text \<open>Lemma 1: Traces coincide\<close> |
160 |
160 |
161 lemma traces_coincide_sim [rule_format (no_asm)]: |
161 lemma traces_coincide_sim [rule_format (no_asm)]: |
162 "is_simulation R C A \<Longrightarrow> ext C = ext A \<Longrightarrow> |
162 "is_simulation R C A \<Longrightarrow> ext C = ext A \<Longrightarrow> |
163 \<forall>s s'. reachable C s \<and> is_exec_frag C (s, ex) \<and> (s, s') \<in> R \<longrightarrow> |
163 \<forall>s s'. reachable C s \<and> is_exec_frag C (s, ex) \<and> (s, s') \<in> R \<longrightarrow> |
164 mk_trace C $ ex = mk_trace A $ ((corresp_ex_simC A R $ ex) s')" |
164 mk_trace C \<cdot> ex = mk_trace A \<cdot> ((corresp_ex_simC A R \<cdot> ex) s')" |
165 supply if_split [split del] |
165 supply if_split [split del] |
166 apply (pair_induct ex simp: is_exec_frag_def) |
166 apply (pair_induct ex simp: is_exec_frag_def) |
167 text \<open>cons case\<close> |
167 text \<open>cons case\<close> |
168 apply auto |
168 apply auto |
169 apply (rename_tac ex a t s s') |
169 apply (rename_tac ex a t s s') |
179 text \<open>Lemma 2: \<open>corresp_ex_sim\<close> is execution\<close> |
179 text \<open>Lemma 2: \<open>corresp_ex_sim\<close> is execution\<close> |
180 |
180 |
181 lemma correspsim_is_execution [rule_format]: |
181 lemma correspsim_is_execution [rule_format]: |
182 "is_simulation R C A \<Longrightarrow> |
182 "is_simulation R C A \<Longrightarrow> |
183 \<forall>s s'. reachable C s \<and> is_exec_frag C (s, ex) \<and> (s, s') \<in> R |
183 \<forall>s s'. reachable C s \<and> is_exec_frag C (s, ex) \<and> (s, s') \<in> R |
184 \<longrightarrow> is_exec_frag A (s', (corresp_ex_simC A R $ ex) s')" |
184 \<longrightarrow> is_exec_frag A (s', (corresp_ex_simC A R \<cdot> ex) s')" |
185 apply (pair_induct ex simp: is_exec_frag_def) |
185 apply (pair_induct ex simp: is_exec_frag_def) |
186 text \<open>main case\<close> |
186 text \<open>main case\<close> |
187 apply auto |
187 apply auto |
188 apply (rename_tac ex a t s s') |
188 apply (rename_tac ex a t s s') |
189 apply (rule_tac t = "SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s' a t'" in lemma_2_1) |
189 apply (rule_tac t = "SOME t'. \<exists>ex1. (t, t') \<in> R \<and> move A ex1 s' a t'" in lemma_2_1) |